#bushehr — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #bushehr, aggregated by home.social.
-
https://www.europesays.com/es/485871/ Un misil estadounidense cae a 75 metros de la central nuclear iraní de Bushehr #BreakingNews #BreakingNews #bushehr #cae #central #estadounidense #FeaturedNews #FeaturedNews #Headlines #Internacional #International #InternationalNews #InternationalNews #iraní #LatestNews #LatestNews #metros #misil #News #Noticias #NoticiasDestacadas #NoticiasDestacadas #Nuclear #Titulares #ÚltimasNoticias #ÚltimasNoticias #World #WorldNews #WorldNews
-
El OIEA advirtió que ataques cerca de la central nuclear de Bushehr, en Irán, representan riesgo de accidente radiológico. El organismo confirmó impactos cercanos, aunque la planta no resultó dañada.
-
#MahfuzTalukder #Iran #US #USA #Israel #war #nuclear #nuclearDisaster #PersianGulf #MiddleEast
#NewsBaba reporting on the bombing #Bushehr #nuclearPowerplant
-
4 April "🇮🇷 #Iran War: Renewed attack on #Bushehr #Nuclear Power Plant Security personnel killed Nuclear power plant ancillary building damaged Nuclear lobby: #Nuclear power plants must not be attacked" '🇷🇺 #Rosatom evacuates its employees .. developments near the NPP represent worst-case scenario'
RE: https://bsky.app/profile/did:plc:yd4huluhnrewiaa6eatgisaf/post/3mip6kfkqi22s -
Irán alerta de daños en la planta nuclear de Bushehr tras ataques y descarta incremento de radiación
📰 Título original: Irán denuncia que la lluvia radiactiva acabará con la vida en las capitales del CCG
🤖 IA: Es clickbait ⚠️
👥 Usuarios: Es clickbait ⚠️Ver resumen IA completo: https://killbait.com/es/iran-alerta-de-danos-en-la-planta-nuclear-de-bushehr-tras-ataques-y-descarta-incremento-de-radiacion/?redirpost=79e7cec8-86fd-4ee2-b4df-275717f37571
-
Irán alerta de daños en la planta nuclear de Bushehr tras ataques y descarta incremento de radiación
📰 Título original: Irán denuncia que la lluvia radiactiva acabará con la vida en las capitales del CCG
🤖 IA: Es clickbait ⚠️
👥 Usuarios: Es clickbait ⚠️Ver resumen IA completo: https://killbait.com/es/iran-alerta-de-danos-en-la-planta-nuclear-de-bushehr-tras-ataques-y-descarta-incremento-de-radiacion/?redirpost=79e7cec8-86fd-4ee2-b4df-275717f37571
-
Escalada crítica en Irán: ataque a planta nuclear de Bushehr y complejo petroquímico deja seis muertos | vía #UChileRadio
#ataquenuclear #bushehr #crisisenergética #irán #rafaelgrossi #rosatom
-
WHO chief Tedros Adhanom Ghebreyesus warns that attacks near Iran’s Bushehr nuclear plant could trigger a devastating nuclear accident, as IAEA confirms fresh strike. https://english.mathrubhumi.com/news/india/a-strike-could-trigger-a-nuclear-accident-who-chief-flags-nuclear-risk-after-bushehr-strike-du2zowt7?utm_source=dlvr.it&utm_medium=mastodon #Iran #Bushehr #NuclearSafety #WHO #IAEA
-
Senior Israeli military officials are coordinating with their Russian counterparts to facilitate the evacuation of Russian experts from the Iranian #Bushehr nuclear reactor and provide a form of "safe corridor", according to KAN News.
The evacuation began in the last few hours following another American/Israeli attack in the vicinity of the reactor
These bastards really want to initiate Armageddon. And the entire western world supports them.
#NuclearCatastrophe #PersianGulf #WarOfAggression
#RegimeChange #WarOnIran #EpsteinWar #WestAsia #Iran #tRump #WarForOil #Israel -
Iran warns regional nations of consequences for attacks on nuclear sites; Bushehr plant was hit 4 times with no casualties or leaks since the start of the war of aggression against Iran
#Bushehr #NuclearCatastrophe #PersianGulf #WarOfAggression
#RegimeChange #WarOnIran #EpsteinWar #WestAsia #Iran #tRump #WarForOil #Israel -
#Iran🧿La #OIEA declara su "PROFUNDA PREOCUPACIÓN" por ataque a planta #nuclear de #Bushehr en Irán
Se trata del cuarto ataque a la central nuclear desde el comienzo de la agresión estadounidense-israelí.
#URGENTE⚡#Iran #IranWar #Libano #Palestina
https://sn-esp.site/Js98 -
https://www.europesays.com/it/427653/ Iran, raid sui siti nucleari: cosa succede se un reattore viene colpito? Da Busher a Khondab: il pericolo è nell’acqua #acqua #bushehr #busher #CentraleNucleare #Cronaca #DalMondo #DalMondo #GuerraUsaIran #iran #Mondo #News #Notizie #radiazioni #UltimeNotizie #UltimeNotizieDiMondo #UltimeNotizie #UltimeNotizieDiMondo #World #WorldNews #WorldNews
-
'Remember Western outrage about hostilities near Zaporozhye nuclear power plant?'
Iran's FM Araghchi on latest Bushehr plant attack: 'radioactive fallout will END LIFE in GCC capitals, NOT Tehran'
#Bushehr #NuclearDisaster #PersianGulf #WarOfAggression
#RegimeChange #WarOnIran #EpsteinWar #WestAsia #Iran #tRump #WarForOil #Israel -
'Remember Western outrage about hostilities near Zaporozhye nuclear power plant?'
Iran's FM Araghchi on latest Bushehr plant attack: 'radioactive fallout will END LIFE in GCC capitals, NOT Tehran'
#Bushehr #NuclearDisaster #PersianGulf #WarOfAggression
#RegimeChange #WarOnIran #EpsteinWar #WestAsia #Iran #tRump #WarForOil #Israel -
'Remember Western outrage about hostilities near Zaporozhye nuclear power plant?'
Iran's FM Araghchi on latest Bushehr plant attack: 'radioactive fallout will END LIFE in GCC capitals, NOT Tehran'
#Bushehr #NuclearDisaster #PersianGulf #WarOfAggression
#RegimeChange #WarOnIran #EpsteinWar #WestAsia #Iran #tRump #WarForOil #Israel -
'Remember Western outrage about hostilities near Zaporozhye nuclear power plant?'
Iran's FM Araghchi on latest Bushehr plant attack: 'radioactive fallout will END LIFE in GCC capitals, NOT Tehran'
#Bushehr #NuclearDisaster #PersianGulf #WarOfAggression
#RegimeChange #WarOnIran #EpsteinWar #WestAsia #Iran #tRump #WarForOil #Israel -
Russia evacuates technical staff from Bushehr nuclear plant while publicly claiming 'no damage'—this divergence reveals dangerous information asymmetry in nuclear risk assessment. The strikes signal weaponization of civilian nuclear infrastructure. https://post.kapualabs.com/bdnpf9nn #NuclearSecurity #Geopolitics #Iran #Bushehr
-
هيئة #الطاقة #الذرية #الإيرانية تؤكد إصابة محيط #محطة #بوشهر #النووية بمقذوف دون وقوع #أضرار، محذرة أن أي #ضرر لمحطة #بوشهر قد يؤدي لحادث #نووي خطير له #تبعات على #المنطقة.
Iranian #Atomic #Energy #Agency reports the vicinity of #Bushehr #Nuclear #Plant was hit by a projectile without causing #damage, warning that any harm to #Bushehr #Plant could trigger a serious #nuclear #incident with regional #consequences.
-
https://www.europesays.com/ee/135095/ Iraani relvajõud lubavad elektrijaamade pommitamise korral rünnata regiooni vee- ja elektrivarustust #BreakingNews #BreakingNews #Bushehr #Damavand #EE #Eesti #EestiKeel #Estonia #Estonian #FeaturedNews #FeaturedNews #Headlines #Iraan #Kerman #Khuzestan #LähisIdaSõda #LatestNews #LatestNews #Maailm #News #PopulaarseimadLood #TopStories #TopStories #ÜldisedUudised #Uudised #ViimasedUudised #World #WorldNews #WorldNews
-
Fourteen Executions in Iran Reported on December 10
HRANA – Yesterday, Wednesday, December 10, HRANA reported the execution of thirteen prisoners on charges of murder and…
#Conflict #Conflicts #War #Bushehr #Chabahar #Damghan #HRANA #Iran #Kashmar #Mahabad #Malayer #middleeast #middleeastcrisis #Sabzevar #Shahr-eKord #Tehran
https://www.europesays.com/2627049/ -
On Friday, Grossi said in a worst-case scenario, a strike on Bushehr – which contains thousands of kilogrammes of nuclear material – would require evacuation orders to be issued for areas within several hundred kilometres of the plant, including population centres in other Gulf countries.
-
''Let me now refer to the #Bushehr Nuclear Power Plant. This is the nuclear site in #Iran where the #consequences of an #attack could be most serious. It is an operating nuclear power plant and as such it hosts thousands of #kilograms of nuclear material.''
-
#IAEA #DG Grossi’s #Statement to #UNSC on #Situation in #Iran (June 20 '25), https://etidiohnew.blogspot.com/2025/06/iaea-dg-grossis-statement-to-unsc-on_20.html
In case of an attack on the #Bushehr #NPP a direct hit could result in a very high release of #radioactivity to the #environment.
-
Of course, now we know who was behind #Stuxnet -- #Israel and the #CIA -- thanks!
Why the #StuxnetWorm is like nothing seen before
By Paul Marks
27 September 2010"Stuxnet is the first worm of its type capable of attacking #CriticalInfrastructure like #PowerStations and #ElectricityGrids: those in the know have been expecting it for years. On 26 September, #Iran’s state news agency reported that computers at its #Bushehr #NuclearPowerPlant had been infected.
Why the fuss over Stuxnet?
"#ComputerViruses, worms and #trojans have until now mainly infected PCs or the servers that keep e-businesses running. They may delete key system files or documents, or perhaps prevent website access, but they do not threaten life and limb.
"The Stuxnet worm is different. It is the first piece of #malware so far able to break into the types of computer that control machinery at the heart of industry, allowing an attacker to assume control of critical systems like #pumps, #motors, #alarms and #valves in an industrial plant.
"In the worst case scenarios, safety systems could be switched off at a nuclear power plant; fresh water #contaminated with effluent at a #SewageTreatmentPlant, or the valves in an #OilPipeline opened, contaminating the land or sea.
“'Giving an attacker control of industrial systems like a #dam, a sewage plant or a power station is extremely unusual and makes this a serious threat with huge real world implications,' says Patrick Fitzgerald, senior threat intelligence officer with Symantec. 'It has changed everything.'
Why is a different type of worm needed to attack an industrial plant?
"Industrial machinery is not controlled directly by the kind of computers we all use. Instead, the equipment used in an industrial process is controlled by a separate, dedicated system called a programmable logic controller (#PLC) which runs supervisory control and data acquisition software (#SCADA).
"Running the SCADA software, the PLC controls the process at hand within strict safety limits, switching motors on and off, say, and emptying vessels, and feeding back data which may safely modify the process without the need for human intervention – the whole point of industrial automation.
So how does a worm get into the system?
"It is not easy because they do not run regular PC, Mac or Linux software. Instead, the firms who sell PLCs each have their own programming language – and that has made it tricky for hackers to break it.
"However there is a way in via the Windows PC that oversees the PLC’s operations. Stuxnet exploited four vulnerabilities in Microsoft Windows to give a remote hacker the ability to inject malicious code into a market-leading PLC made by German electronics conglomerate Siemens.
"That’s possible because PLCs are not well-defended devices. They operate for many years in situ and electronic access to them is granted via well-known passwords that are rarely changed. Even when Stuxnet was identified, Siemens opposed password changes on the grounds that it could cause chaos as older systems tried to communicate using old passwords.
Where did the initial Stuxnet infection come from?
"It appears to have first arrived in Iran on a simple #USBMemoryStick, says Fitzgerald. His team in Dublin, Ireland has been analysing Stuxnet since it was first identified by a security team in Belarus in June.
"The first of the four Windows vulnerabilities allowed executable code on a USB stick to spread to a PC. The USB may have been given to an Iranian plant operative – or simply left somewhere for an inquisitive person to insert into their terminal.
"Says Fitzgerald: 'It then spreads from machine to machine on the network, exploiting a second vulnerability to do so, and reports back to the attacker on the internet when it finds a PC that’s running Siemens SCADA software. The attacker can then download a diagram of the industrial system set-up the SCADA controls.'
"The next two Windows vulnerabilities lets the worm escalate its privilege levels to allow the attacker to inject Siemens PLC format computer code – written in a language called STL – into the PLC. It’s that code which is capable of performing the skulduggery: perhaps turning off alarms, or resetting safe temperature levels.
How do we know where Stuxnet is active?
"Symantec monitored communications with the two internet domains that the worm swaps data with. By geotagging the IP addresses of Stuxnet-infected computers in communication with the attacker, Fitzgerald’s team found that 58.8 per cent of infections were in Iran, 18.2 per cent in #Indonesia, 8.3 per cent in #India, 2.6 per cent in #Azerbaijan and 1.6 per cent in the US.
Who is behind the worm?
"No one knows. It is however very professionally written, requiring what Fitzgerald calls 'a broad spectrum of skills' to exploit four new vulnerabilities and develop their own SCADA/PLC set-up to test it on.
"This has some commentators suggesting that a #NationState with plenty of technical resources may have been behind Stuxnet. But computer crime is a billion dollar business so such an effort is not beyond extortionists.
"Stuxnet comprises a 600-kilobyte file and it has not yet been fully analysed."
Read more:
https://www.newscientist.com/article/dn19504-why-the-stuxnet-worm-is-like-nothing-seen-before/ -
Of course, now we know who was behind #Stuxnet -- #Israel and the #CIA -- thanks!
Why the #StuxnetWorm is like nothing seen before
By Paul Marks
27 September 2010"Stuxnet is the first worm of its type capable of attacking #CriticalInfrastructure like #PowerStations and #ElectricityGrids: those in the know have been expecting it for years. On 26 September, #Iran’s state news agency reported that computers at its #Bushehr #NuclearPowerPlant had been infected.
Why the fuss over Stuxnet?
"#ComputerViruses, worms and #trojans have until now mainly infected PCs or the servers that keep e-businesses running. They may delete key system files or documents, or perhaps prevent website access, but they do not threaten life and limb.
"The Stuxnet worm is different. It is the first piece of #malware so far able to break into the types of computer that control machinery at the heart of industry, allowing an attacker to assume control of critical systems like #pumps, #motors, #alarms and #valves in an industrial plant.
"In the worst case scenarios, safety systems could be switched off at a nuclear power plant; fresh water #contaminated with effluent at a #SewageTreatmentPlant, or the valves in an #OilPipeline opened, contaminating the land or sea.
“'Giving an attacker control of industrial systems like a #dam, a sewage plant or a power station is extremely unusual and makes this a serious threat with huge real world implications,' says Patrick Fitzgerald, senior threat intelligence officer with Symantec. 'It has changed everything.'
Why is a different type of worm needed to attack an industrial plant?
"Industrial machinery is not controlled directly by the kind of computers we all use. Instead, the equipment used in an industrial process is controlled by a separate, dedicated system called a programmable logic controller (#PLC) which runs supervisory control and data acquisition software (#SCADA).
"Running the SCADA software, the PLC controls the process at hand within strict safety limits, switching motors on and off, say, and emptying vessels, and feeding back data which may safely modify the process without the need for human intervention – the whole point of industrial automation.
So how does a worm get into the system?
"It is not easy because they do not run regular PC, Mac or Linux software. Instead, the firms who sell PLCs each have their own programming language – and that has made it tricky for hackers to break it.
"However there is a way in via the Windows PC that oversees the PLC’s operations. Stuxnet exploited four vulnerabilities in Microsoft Windows to give a remote hacker the ability to inject malicious code into a market-leading PLC made by German electronics conglomerate Siemens.
"That’s possible because PLCs are not well-defended devices. They operate for many years in situ and electronic access to them is granted via well-known passwords that are rarely changed. Even when Stuxnet was identified, Siemens opposed password changes on the grounds that it could cause chaos as older systems tried to communicate using old passwords.
Where did the initial Stuxnet infection come from?
"It appears to have first arrived in Iran on a simple #USBMemoryStick, says Fitzgerald. His team in Dublin, Ireland has been analysing Stuxnet since it was first identified by a security team in Belarus in June.
"The first of the four Windows vulnerabilities allowed executable code on a USB stick to spread to a PC. The USB may have been given to an Iranian plant operative – or simply left somewhere for an inquisitive person to insert into their terminal.
"Says Fitzgerald: 'It then spreads from machine to machine on the network, exploiting a second vulnerability to do so, and reports back to the attacker on the internet when it finds a PC that’s running Siemens SCADA software. The attacker can then download a diagram of the industrial system set-up the SCADA controls.'
"The next two Windows vulnerabilities lets the worm escalate its privilege levels to allow the attacker to inject Siemens PLC format computer code – written in a language called STL – into the PLC. It’s that code which is capable of performing the skulduggery: perhaps turning off alarms, or resetting safe temperature levels.
How do we know where Stuxnet is active?
"Symantec monitored communications with the two internet domains that the worm swaps data with. By geotagging the IP addresses of Stuxnet-infected computers in communication with the attacker, Fitzgerald’s team found that 58.8 per cent of infections were in Iran, 18.2 per cent in #Indonesia, 8.3 per cent in #India, 2.6 per cent in #Azerbaijan and 1.6 per cent in the US.
Who is behind the worm?
"No one knows. It is however very professionally written, requiring what Fitzgerald calls 'a broad spectrum of skills' to exploit four new vulnerabilities and develop their own SCADA/PLC set-up to test it on.
"This has some commentators suggesting that a #NationState with plenty of technical resources may have been behind Stuxnet. But computer crime is a billion dollar business so such an effort is not beyond extortionists.
"Stuxnet comprises a 600-kilobyte file and it has not yet been fully analysed."
Read more:
https://www.newscientist.com/article/dn19504-why-the-stuxnet-worm-is-like-nothing-seen-before/ -
Of course, now we know who was behind #Stuxnet -- #Israel and the #CIA -- thanks!
Why the #StuxnetWorm is like nothing seen before
By Paul Marks
27 September 2010"Stuxnet is the first worm of its type capable of attacking #CriticalInfrastructure like #PowerStations and #ElectricityGrids: those in the know have been expecting it for years. On 26 September, #Iran’s state news agency reported that computers at its #Bushehr #NuclearPowerPlant had been infected.
Why the fuss over Stuxnet?
"#ComputerViruses, worms and #trojans have until now mainly infected PCs or the servers that keep e-businesses running. They may delete key system files or documents, or perhaps prevent website access, but they do not threaten life and limb.
"The Stuxnet worm is different. It is the first piece of #malware so far able to break into the types of computer that control machinery at the heart of industry, allowing an attacker to assume control of critical systems like #pumps, #motors, #alarms and #valves in an industrial plant.
"In the worst case scenarios, safety systems could be switched off at a nuclear power plant; fresh water #contaminated with effluent at a #SewageTreatmentPlant, or the valves in an #OilPipeline opened, contaminating the land or sea.
“'Giving an attacker control of industrial systems like a #dam, a sewage plant or a power station is extremely unusual and makes this a serious threat with huge real world implications,' says Patrick Fitzgerald, senior threat intelligence officer with Symantec. 'It has changed everything.'
Why is a different type of worm needed to attack an industrial plant?
"Industrial machinery is not controlled directly by the kind of computers we all use. Instead, the equipment used in an industrial process is controlled by a separate, dedicated system called a programmable logic controller (#PLC) which runs supervisory control and data acquisition software (#SCADA).
"Running the SCADA software, the PLC controls the process at hand within strict safety limits, switching motors on and off, say, and emptying vessels, and feeding back data which may safely modify the process without the need for human intervention – the whole point of industrial automation.
So how does a worm get into the system?
"It is not easy because they do not run regular PC, Mac or Linux software. Instead, the firms who sell PLCs each have their own programming language – and that has made it tricky for hackers to break it.
"However there is a way in via the Windows PC that oversees the PLC’s operations. Stuxnet exploited four vulnerabilities in Microsoft Windows to give a remote hacker the ability to inject malicious code into a market-leading PLC made by German electronics conglomerate Siemens.
"That’s possible because PLCs are not well-defended devices. They operate for many years in situ and electronic access to them is granted via well-known passwords that are rarely changed. Even when Stuxnet was identified, Siemens opposed password changes on the grounds that it could cause chaos as older systems tried to communicate using old passwords.
Where did the initial Stuxnet infection come from?
"It appears to have first arrived in Iran on a simple #USBMemoryStick, says Fitzgerald. His team in Dublin, Ireland has been analysing Stuxnet since it was first identified by a security team in Belarus in June.
"The first of the four Windows vulnerabilities allowed executable code on a USB stick to spread to a PC. The USB may have been given to an Iranian plant operative – or simply left somewhere for an inquisitive person to insert into their terminal.
"Says Fitzgerald: 'It then spreads from machine to machine on the network, exploiting a second vulnerability to do so, and reports back to the attacker on the internet when it finds a PC that’s running Siemens SCADA software. The attacker can then download a diagram of the industrial system set-up the SCADA controls.'
"The next two Windows vulnerabilities lets the worm escalate its privilege levels to allow the attacker to inject Siemens PLC format computer code – written in a language called STL – into the PLC. It’s that code which is capable of performing the skulduggery: perhaps turning off alarms, or resetting safe temperature levels.
How do we know where Stuxnet is active?
"Symantec monitored communications with the two internet domains that the worm swaps data with. By geotagging the IP addresses of Stuxnet-infected computers in communication with the attacker, Fitzgerald’s team found that 58.8 per cent of infections were in Iran, 18.2 per cent in #Indonesia, 8.3 per cent in #India, 2.6 per cent in #Azerbaijan and 1.6 per cent in the US.
Who is behind the worm?
"No one knows. It is however very professionally written, requiring what Fitzgerald calls 'a broad spectrum of skills' to exploit four new vulnerabilities and develop their own SCADA/PLC set-up to test it on.
"This has some commentators suggesting that a #NationState with plenty of technical resources may have been behind Stuxnet. But computer crime is a billion dollar business so such an effort is not beyond extortionists.
"Stuxnet comprises a 600-kilobyte file and it has not yet been fully analysed."
Read more:
https://www.newscientist.com/article/dn19504-why-the-stuxnet-worm-is-like-nothing-seen-before/ -
Of course, now we know who was behind #Stuxnet -- #Israel and the #CIA -- thanks!
Why the #StuxnetWorm is like nothing seen before
By Paul Marks
27 September 2010"Stuxnet is the first worm of its type capable of attacking #CriticalInfrastructure like #PowerStations and #ElectricityGrids: those in the know have been expecting it for years. On 26 September, #Iran’s state news agency reported that computers at its #Bushehr #NuclearPowerPlant had been infected.
Why the fuss over Stuxnet?
"#ComputerViruses, worms and #trojans have until now mainly infected PCs or the servers that keep e-businesses running. They may delete key system files or documents, or perhaps prevent website access, but they do not threaten life and limb.
"The Stuxnet worm is different. It is the first piece of #malware so far able to break into the types of computer that control machinery at the heart of industry, allowing an attacker to assume control of critical systems like #pumps, #motors, #alarms and #valves in an industrial plant.
"In the worst case scenarios, safety systems could be switched off at a nuclear power plant; fresh water #contaminated with effluent at a #SewageTreatmentPlant, or the valves in an #OilPipeline opened, contaminating the land or sea.
“'Giving an attacker control of industrial systems like a #dam, a sewage plant or a power station is extremely unusual and makes this a serious threat with huge real world implications,' says Patrick Fitzgerald, senior threat intelligence officer with Symantec. 'It has changed everything.'
Why is a different type of worm needed to attack an industrial plant?
"Industrial machinery is not controlled directly by the kind of computers we all use. Instead, the equipment used in an industrial process is controlled by a separate, dedicated system called a programmable logic controller (#PLC) which runs supervisory control and data acquisition software (#SCADA).
"Running the SCADA software, the PLC controls the process at hand within strict safety limits, switching motors on and off, say, and emptying vessels, and feeding back data which may safely modify the process without the need for human intervention – the whole point of industrial automation.
So how does a worm get into the system?
"It is not easy because they do not run regular PC, Mac or Linux software. Instead, the firms who sell PLCs each have their own programming language – and that has made it tricky for hackers to break it.
"However there is a way in via the Windows PC that oversees the PLC’s operations. Stuxnet exploited four vulnerabilities in Microsoft Windows to give a remote hacker the ability to inject malicious code into a market-leading PLC made by German electronics conglomerate Siemens.
"That’s possible because PLCs are not well-defended devices. They operate for many years in situ and electronic access to them is granted via well-known passwords that are rarely changed. Even when Stuxnet was identified, Siemens opposed password changes on the grounds that it could cause chaos as older systems tried to communicate using old passwords.
Where did the initial Stuxnet infection come from?
"It appears to have first arrived in Iran on a simple #USBMemoryStick, says Fitzgerald. His team in Dublin, Ireland has been analysing Stuxnet since it was first identified by a security team in Belarus in June.
"The first of the four Windows vulnerabilities allowed executable code on a USB stick to spread to a PC. The USB may have been given to an Iranian plant operative – or simply left somewhere for an inquisitive person to insert into their terminal.
"Says Fitzgerald: 'It then spreads from machine to machine on the network, exploiting a second vulnerability to do so, and reports back to the attacker on the internet when it finds a PC that’s running Siemens SCADA software. The attacker can then download a diagram of the industrial system set-up the SCADA controls.'
"The next two Windows vulnerabilities lets the worm escalate its privilege levels to allow the attacker to inject Siemens PLC format computer code – written in a language called STL – into the PLC. It’s that code which is capable of performing the skulduggery: perhaps turning off alarms, or resetting safe temperature levels.
How do we know where Stuxnet is active?
"Symantec monitored communications with the two internet domains that the worm swaps data with. By geotagging the IP addresses of Stuxnet-infected computers in communication with the attacker, Fitzgerald’s team found that 58.8 per cent of infections were in Iran, 18.2 per cent in #Indonesia, 8.3 per cent in #India, 2.6 per cent in #Azerbaijan and 1.6 per cent in the US.
Who is behind the worm?
"No one knows. It is however very professionally written, requiring what Fitzgerald calls 'a broad spectrum of skills' to exploit four new vulnerabilities and develop their own SCADA/PLC set-up to test it on.
"This has some commentators suggesting that a #NationState with plenty of technical resources may have been behind Stuxnet. But computer crime is a billion dollar business so such an effort is not beyond extortionists.
"Stuxnet comprises a 600-kilobyte file and it has not yet been fully analysed."
Read more:
https://www.newscientist.com/article/dn19504-why-the-stuxnet-worm-is-like-nothing-seen-before/ -
Of course, now we know who was behind #Stuxnet -- #Israel and the #CIA -- thanks!
Why the #StuxnetWorm is like nothing seen before
By Paul Marks
27 September 2010"Stuxnet is the first worm of its type capable of attacking #CriticalInfrastructure like #PowerStations and #ElectricityGrids: those in the know have been expecting it for years. On 26 September, #Iran’s state news agency reported that computers at its #Bushehr #NuclearPowerPlant had been infected.
Why the fuss over Stuxnet?
"#ComputerViruses, worms and #trojans have until now mainly infected PCs or the servers that keep e-businesses running. They may delete key system files or documents, or perhaps prevent website access, but they do not threaten life and limb.
"The Stuxnet worm is different. It is the first piece of #malware so far able to break into the types of computer that control machinery at the heart of industry, allowing an attacker to assume control of critical systems like #pumps, #motors, #alarms and #valves in an industrial plant.
"In the worst case scenarios, safety systems could be switched off at a nuclear power plant; fresh water #contaminated with effluent at a #SewageTreatmentPlant, or the valves in an #OilPipeline opened, contaminating the land or sea.
“'Giving an attacker control of industrial systems like a #dam, a sewage plant or a power station is extremely unusual and makes this a serious threat with huge real world implications,' says Patrick Fitzgerald, senior threat intelligence officer with Symantec. 'It has changed everything.'
Why is a different type of worm needed to attack an industrial plant?
"Industrial machinery is not controlled directly by the kind of computers we all use. Instead, the equipment used in an industrial process is controlled by a separate, dedicated system called a programmable logic controller (#PLC) which runs supervisory control and data acquisition software (#SCADA).
"Running the SCADA software, the PLC controls the process at hand within strict safety limits, switching motors on and off, say, and emptying vessels, and feeding back data which may safely modify the process without the need for human intervention – the whole point of industrial automation.
So how does a worm get into the system?
"It is not easy because they do not run regular PC, Mac or Linux software. Instead, the firms who sell PLCs each have their own programming language – and that has made it tricky for hackers to break it.
"However there is a way in via the Windows PC that oversees the PLC’s operations. Stuxnet exploited four vulnerabilities in Microsoft Windows to give a remote hacker the ability to inject malicious code into a market-leading PLC made by German electronics conglomerate Siemens.
"That’s possible because PLCs are not well-defended devices. They operate for many years in situ and electronic access to them is granted via well-known passwords that are rarely changed. Even when Stuxnet was identified, Siemens opposed password changes on the grounds that it could cause chaos as older systems tried to communicate using old passwords.
Where did the initial Stuxnet infection come from?
"It appears to have first arrived in Iran on a simple #USBMemoryStick, says Fitzgerald. His team in Dublin, Ireland has been analysing Stuxnet since it was first identified by a security team in Belarus in June.
"The first of the four Windows vulnerabilities allowed executable code on a USB stick to spread to a PC. The USB may have been given to an Iranian plant operative – or simply left somewhere for an inquisitive person to insert into their terminal.
"Says Fitzgerald: 'It then spreads from machine to machine on the network, exploiting a second vulnerability to do so, and reports back to the attacker on the internet when it finds a PC that’s running Siemens SCADA software. The attacker can then download a diagram of the industrial system set-up the SCADA controls.'
"The next two Windows vulnerabilities lets the worm escalate its privilege levels to allow the attacker to inject Siemens PLC format computer code – written in a language called STL – into the PLC. It’s that code which is capable of performing the skulduggery: perhaps turning off alarms, or resetting safe temperature levels.
How do we know where Stuxnet is active?
"Symantec monitored communications with the two internet domains that the worm swaps data with. By geotagging the IP addresses of Stuxnet-infected computers in communication with the attacker, Fitzgerald’s team found that 58.8 per cent of infections were in Iran, 18.2 per cent in #Indonesia, 8.3 per cent in #India, 2.6 per cent in #Azerbaijan and 1.6 per cent in the US.
Who is behind the worm?
"No one knows. It is however very professionally written, requiring what Fitzgerald calls 'a broad spectrum of skills' to exploit four new vulnerabilities and develop their own SCADA/PLC set-up to test it on.
"This has some commentators suggesting that a #NationState with plenty of technical resources may have been behind Stuxnet. But computer crime is a billion dollar business so such an effort is not beyond extortionists.
"Stuxnet comprises a 600-kilobyte file and it has not yet been fully analysed."
Read more:
https://www.newscientist.com/article/dn19504-why-the-stuxnet-worm-is-like-nothing-seen-before/
